WordPress iThemes Security (Better WP Security) Insecure Backup/Logfile Generation (predicatable filename)

April 21, 2016 007admin

Posted by Sysdream Labs on Apr 21

WordPress iThemes Security (Better WP Security) Insecure Backup/Logfile Generation (predicatable filename)
==========================================================================================================

Description
===========

When using the “database backup/logging on filesystem” feature, iThemes security generates a weak filename allowing
attackers to obtain the backup/log file if they know when the backup/log file was…

007 Software

WordPress iThemes Security (Better WP Security) Insecure Backup/Logfile Generation (predicatable filename)

Software and Security Information